Chapter 1 - Introduction

Welcome to Security Operations Guide for Microsoft Exchange 2000 Server. This guide will help you take steps to ensure that your Exchange 2000 Server environment is as secure as possible and remains secure during day-to-day operations.

This guide is designed to act as a supplement to Security Operations Guide for Microsoft Windows 2000 Server (Microsoft Press, ISBN: 0-7356-1823-2). You are strongly advised to read that guide in full before going on to read this guide. Sections of this guide will depend directly on information in Security Operations Guide for Microsoft Windows 2000, and this will be indicated in the text where appropriate and the pertinent chapters are included as appendices. You are also advised to read Microsoft Exchange 2000 Server Operations (Microsoft Press, ISBN: 0-7356-1831-3), which will provide you with more information about general Exchange 2000 operations.

Microsoft Operations Framework (MOF)

For operations in your environment to be as efficient as possible, you must manage them effectively. To assist you, Microsoft has developed the Microsoft Operations Framework (MOF). This is essentially a collection of best practices, principles, and models providing you with operations guidance. Following MOF guidelines should help your mission-critical production systems remain secure, reliable, available, supportable, and manageable.

The MOF process model is split into four integrated quadrants, as follows:

Changing

Operating

Supporting

Optimizing

Together, the phases form a spiral life cycle (see Figure 1.1) that can apply to anything from a specific application to an entire operations environment with multiple data centers. In this case, you will be using MOF in the context of security operations.

Figure 1.1: MOF lifecycle

The process model is supported by 20 service management functions (SMFs) and an integrated team model and risk model. Each quadrant is supported with a corresponding operations management review (also known as a review milestone), during which the effectiveness of that quadrant's SMFs is assessed.

It is not essential to be a MOF expert to understand and use this guide, but a good understanding of MOF principles will help you manage and maintain a reliable, available, and stable operations environment.

If you wish to learn more about MOF and how it can assist you in your enterprise, visit the Microsoft Operations Framework website. See the "More Information" section at the end of this chapter for details.

Get Secure and Stay Secure

In October 2001, Microsoft launched an initiative known as the Strategic Technology Protection Program (STPP). The aim of this program is to integrate Microsoft products, services, and support that focus on security. Microsoft sees the process of maintaining a secure environment as two related phases: Get Secure and Stay Secure.

Get Secure

The first phase is called Get Secure. To help your organization achieve an appropriate level of security, follow the Get Secure recommendations in the Microsoft Security Tool Kit, which can be accessed online (see the "More Information" section for details on the tool kit and the STPP).

Stay Secure

The second phase is known as Stay Secure. It is one thing to create an environment that is initially secure. However, once your environment is up and running, it is quite another to keep it secure over time, take preventative action against threats, and respond to them effectively when they do occur.

Scope of this Guide

This guide is focused explicitly on the operations required to create and maintain a secure environment on servers running Exchange 2000. We examine two specific roles defined for servers — OWA front-end servers and back-end servers. We do not discuss how to run Internet Message Access Protocol 4 (IMAP4) or Post Office Protocol 3 (POP3) in a secure manner.

You should use this guide as part of your overall security strategy for Exchange, not as a complete reference to cover all aspects of creating and maintaining a secure environment. The diagram provides a high-level view of these areas: the dark shaded box with white text is covered in this guide, and the other shaded areas are covered in Security Operations Guide for Microsoft Windows 2000 Server.

Figure 1.2: Scope of this guide in relation to your overall security strategy for Exchange

Note: Security Operations Guide for Microsoft Windows 2000 Server is available online. For further details, see the "More Information" section at the end of this chapter.

The diagram shows the steps required to help make a server secure (Get Secure) and help keep it that way (Stay Secure). It also shows how the chapters of this guide and Security Operations Guide for Microsoft Windows 2000 Server will help you achieve those aims.

Chapter Outlines

This guide consists of the following chapters, each of which takes you through a part of the security operations process. Each chapter is designed to be read, in whole or in part, according to your needs.

Exchange is a complex application, with many components that depend on each other. In order to secure Exchange successfully you need to be aware of these relationships and design your security accordingly. This chapter looks at general risks to Exchange 2000 environments. It also introduces the two server roles that appear in the following chapters, back-end and front-end servers, and links in to Windows 2000 Security Operations to show how security can be implemented on these server types.

This chapter deals with securing the back-end server role and the Outlook Web Access (OWA) front-end server role, and examines the steps you need to follow to increase their security. It looks at the changes you need to make to a secure Windows 2000 environment to allow an Exchange 2000 server to run as securely as possible.

This chapter covers securing communication between clients and Exchange 2000 Server, for example, securing communication between Outlook and Exchange. It examines firewall considerations for OWA server positioning, and looks at securing traffic not only from the OWA server to the client, but also from the OWA server to internal Exchange back-end servers. It also looks at securing SMTP traffic.

Summary

This chapter has introduced you to this guide and summarized the other chapters in it. It has also introduced the Strategic Technology Protection Program (STPP). Now that you understand the organization of the guide, you can decide whether to read it from beginning to end, or whether you want to read selected portions. Remember that effective, successful security operations require effort in all areas, not just improvements in one, so you are best advised to read all chapters.